Table of Contents
Advertisement
Configuring High Availability VLANs
Traditional Firewall Implementation
The figure below shows two high availability VLANs that are used to manage a third-party high availabil-
ity firewall cluster. Unsecure traffic from the Internet comes into the OmniSwitch through the ingress port
1/1 of high availability VLAN 10. This traffic is sent to the high availability cluster through the egress
ports that belong to HA VLAN 10 (2/9, 2/10, and 3/5).
Internet
Ingress
Egress
The third-party high availability firewall cluster sends authorized traffic to ports 4/1, 5/3, and 5/4 that
belong to standard VLAN 20. This traffic is then forwarded on VLAN 20 to the private network.
See
"Application Example 1: Firewall Cluster" on page 3-16
availability VLANs in the example above.
Release 5.1.6.R02 User Guide Supplement
Data Flow
Firewall Port Clusters
1/1
2/9
HA VLAN 10
2/10
Firewall and High Availability Cluster
June 2005
OmniSwitch
OmniSwitch 7800
Standard VLAN 20
4/1
5/3
5/4
3/5
for instructions on how to configure the high
Private
Network
Data Flow
page 3-7
Advertisement
Table of Contents
